Vulnerabilities (CVE)

Total 271657 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-44557 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.
CVE-2024-44555 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function setIptvInfo.
CVE-2024-44553 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formGetIptv.
CVE-2024-44552 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.
CVE-2024-44551 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv.
CVE-2024-44550 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv.
CVE-2024-44549 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formGetIptv.
CVE-2024-8162 1 Totolink 2 T10, T10 Firmware 2024-08-27 10.0 HIGH 9.8 CRITICAL
A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-44558 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo.
CVE-2024-44556 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function setIptvInfo.
CVE-2024-44565 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the serverName parameter in the function form_fast_setting_internet_set.
CVE-2024-44563 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-08-27 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function setIptvInfo.
CVE-2024-43908 1 Linux 1 Linux Kernel 2024-08-27 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer dereference to ras_manager Check ras_manager before using it
CVE-2024-43909 1 Linux 1 Linux Kernel 2024-08-27 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference for smu7 optimize the code to avoid pass a null pointer (hwmgr->backend) to function smu7_update_edc_leakage_table.
CVE-2024-43907 1 Linux 1 Linux Kernel 2024-08-27 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules Check the pointer value to fix potential null pointer dereference
CVE-2024-43906 1 Linux 1 Linux Kernel 2024-08-27 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: drm/admgpu: fix dereferencing null pointer context When user space sets an invalid ta type, the pointer context will be empty. So it need to check the pointer context before using it
CVE-2024-43903 1 Linux 1 Linux Kernel 2024-08-27 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update This commit adds a null check for the 'afb' variable in the amdgpu_dm_plane_handle_cursor_update function. Previously, 'afb' was assumed to be null, but was used later in the code without a null check. This could potentially lead to a null pointer dereference. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_plane.c:1298 amdgpu_dm_plane_handle_cursor_update() error: we previously assumed 'afb' could be null (see line 1252)
CVE-2024-7968 1 Google 1 Chrome 2024-08-27 N/A 8.8 HIGH
Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7967 1 Google 1 Chrome 2024-08-27 N/A 8.8 HIGH
Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7966 1 Google 1 Chrome 2024-08-27 N/A 8.8 HIGH
Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)